Asp - comersus7F Shopping Cart Software Backup Dump Vulnerab
Posted on 29 March 2010
================================================================= Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability ================================================================= ======================================================================================== | # Title : Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability | # Author : indoushka | # Home : www.iqs3cur1ty.com | # Bug : Database Disclosure ====================== Exploit By indoushka ================================= # Exploit : 1- http://127.0.0.1/Comersus/database/comersus.mdb # Brief Description: By default, comersus.mdb isn't password-protected, and contains the following sensitive information: - order information (buyer's address, phone, order status, tracking #, obs, etc) - settings (encryption password, admin email, company information, etc) - shipments - etc Enough to cause damage for the business if any of that information is obtained. # Inj3ct0r.com [2010-03-29]
